I was playing around with trying to figure out how my bank knows when to give me a two factor authentication prompt. I had originally thought it was based on my cookies and maybe my IP address. But ...

I follow a few infosec-related Twitter personalities: Paul Moore, Taylor Swift, Troy Hunt are the main 3. Paul Moore is currently in the process of switching banks, frequently tweeting and retweeting ...

It was recently brought to my attention that a certain big bank website allows users to log in with passwords that are not case sensitive. After confirming this, I checked other websites I bank with ...

Quite a few websites, Coinbase and Stripe most notably, ask for the last four digits of your social security number to 'verify your identity'. Assuming these websites are not trying to fraud you, how ...

I have been using RSA SecureID ® Keys for quite some time now (perhaps 10 years), for things such as securely my home banking account online or accessing my company's network of computers from home. ...

I wonder what is the content of a basic banking card having a chip, the kind you use for payment in any store, with a PIN, possible bank authorization, such as Mastercard or Visa or national banking ...

I have read this question and answer but still uncertain how it actually works and how a user could then be hacked. I'm asking because my brother supposedly was hacked and his bank uses exactly this ...

Brussels Airlines allows several payment types, only two of which are free: Maestro and Sofort Banking:
The second option was new to me, but direct debit is usually a free and practical way to pay: ...

I've been checking out various TLS certificates lately and noticed that most of the banks seem to have the following two issues:
1) They do not offer perfect forward secrecy
2) They are still using ...

I have a mobile banking application installed on my phone which allows me to pay for things, transfer money using my phone from my account to another etc.
How safe or unsafe is this application? For ...

How do I securely communicate my bank connection details (IBAN + full name) to an otherwise trusted person with email being the only connection? Obviously I wouldn't use (plaintext) e-mail since any ...

In our web application, we allow customers to enter their bank account information as a method of payment (account number, routing number, bank name). This information goes nowhere at all; it's up to ...

I wanted to log on to my account on my bank's website. The account is protected by a number of security checks. The first one is what really amounts to a username, a confidential one. It's an 8-digit ...

I know many banks using Windows XP on almost computers for staff working, WinXP has many security vulnerabilities. But rarely seriously problems occured with thier system.
Is there good Firewall and ...

To log into my online banking, I have to answer a basic personal question such as "What is your mother's maiden name" or "What is your grandfather's middle name", as well as enter a one-time code from ...

To pay off our users, they are asked to enter their IBAN and bank name and bank address. The users are mostly based in Europe.
As far as I know (see also this question) these details can not be used ...

I'm working in a web agency, i have a request to made an home banking system for a little bank. I'm searching in internet for some information about security and a good pattern to start, but naturally ...

Does anyone have thoughts on the potential damage of your online banking account being hacked? I'm not sure what a person could actually do since I think they could really only pay my bills (adding a ...

POLi Payments is an Australian based online payment provider which has begun trading in New Zealand. They are supported as a payment option on some large eCommerce websites in New Zealand, including ...